Red Hat Customer Portal - Access to 24x7 support and knowledge

Hello,

After booting with ima=on, ima_policy=tcb, I think the default policy contains also:
measure func=BPRM_CHECK

Now I need to include only specific library for this check.
Can you please tell what is the exact syntax :
echo "measure ...." > /sys/kernel/security/ima/policy

The goal is to defend the rootfs from files modification by hacker.

Thank you,
Zvika

Ansible.com

Red Hat Ecosystem Catalog

Red Hat Hybrid Cloud Console

Red Hat Store

Red Hat Marketplace

Red Hat Summit and AnsibleFest

IMA: include specific library in BPRM_CHECK

Responses

Quick Links

Help

Site Info

Related Sites

Red Hat legal and privacy links

Red Hat legal and privacy links